This is a Discovery Integration.
This integration collects 90 days of history by default upon first connection.
Collect Required Information from Vendor
IMPORTANT!
You must meet the following prerequisite(s) before you can continue.
You will need to have Administrator Roles created.
For assistance with creating User Roles, refer to User Permissions | ThreatLocker Help Center (kb.help).
Log in to the Threatlocker Portal.
Go to the Administrators page and select the API Users tab.
Select the New API User button, name it Calero and select the Generate API Token.
Copy/save the following field(s) for use when onboarding this Integration:
API Key (i.e., the token)
IMPORTANT!
You MUST copy/save this token for use when onboarding this Integration (see below). It will not be visible again.
Set the API Expiration date to 365 days.
Give the token the following roles:
View organization
View computers
View reports
View system audit
View ThreatLocker threats
View ThreatLocker policies
View ThreatLocker remediations
View unified audit
Give the token “All” organizations.
Select the Create button.
Onboard This Discovery Integration
Go to SaaS Management > Applications.
Select Add Integration.
Select the Discovery Apps tab, then select the card with the vendor's name.
From the API tab, enter the field(s) you copy/saved above.
Select the Authorize button.
SUCCESS!
You will now be redirected to the Integrations page in Calero.com, where the data sync will continue in the background, and you can monitor progress.
SUGGESTION:
Access Help through your Calero.com instance if links between articles return errors or if there are fewer sections in the Help menu than expected. Doing so will ensure you see all Help articles.